We are displaying the names of all active windows in Windows.

 

We are writing a Worm

 

In this article, we'll look at how the Clipboard works and focus on capturing copied or cut data.

Introduction to Alternate Data Stream (ADS)

 

Today we’ll take a closer look at how the content of infected libraries gets into running processes, or how to deploy modules: Inline Hooking DLL.

Encrypting the content of files via a file infector.

 

In this example, I will show and describe how the malware module works, namely the keylogger.

In this example, I will use the HOOKING option, specifically functions called CallBack.

  

 
Continuing from the article Inline Hook DLL, today we will introduce the method of hooking code through the Import Address Table.


 

Sample code for the first malware module, Watcher.

 

We are writing a kernel driver: deleting files.